The purpose of this tutorial is to outline the steps required to set up the ExampleWebsite ASP.NET web application
Table of Contents |
---|
Intro
The purpose of this tutorial is to outline the steps required to set up the ExampleWebsite ASP.NET web application, located at https://source.jasig.org/cas-clients/dotnet-client/trunk/
System Environment
- Microsoft Visual Studio 2010 Professional Edition
- Windows 7 Professional with Internet Information Services 6 [Full Pack]
- AnkhSVN - Subversion Support for Visual Studio
Setup the CAS Server
Follow the instructions at this link to setup an instance of the CAS server. Additional software may be required.
Setup ExampleWebsite in Visual Studio
- Launch Microsoft Visual Studio with admin privileges. You can do so by right clicking on Visual Studio and selecting Run as Administrator. This is required for you to publish application artifacts to the local instance of IIS.
- From the File menu, select Open -> Subversion Project. Enter the following link into the address bar: https://source.jasig.org/cas-clients/dotnet-client/trunk/
...
- Right click on ExampleWebsite and select Publish Website. From the dialog, click the browse button and navigate to Local IIS group. Then, select Default Website.
Create IIS .NET SSL Certificate
- Inside the IIS Manager, open the Server Certificates module.
- From the Actions list on the right, select Create Self-Signed Certificate. Enter dotnet for the friendly name and click OK.
...
- Open Internet Explorer and bring up the Options Dialog. Then, navigate to the Content tab. Click on the Certificates and select the Trusted Root Certification Authorities.
- Click on the Import button and walkthrough the wizard. Specify the file name to be the <path-export-file> above. Finally, make sure the certificate is placed inside the Trusted Root Certification Authorities.
Import IIS .NET SSL Certificate to JVM
- Select the imported certificate above and click on Export.
- Select DER (*.cer file) as the export format, provide a file name (i.e client.cer) and export the certificate.
...
When prompted, enter “yes” to trust and import the certificate to the JVM keystore.
Import JVM SSL Certificate to IIS
- Open Internet Explorer and bring up the Options Dialog. Then, navigate to the Content tab. Click on the Certificates and select the Trusted Root Certification Authorities.
- Click on the Import button and walkthrough the wizard. Locate the server certificate that you created for the tomcat instance (i.e tomcat.crt). Finally, make sure the certificate is placed inside the Trusted Root Certification Authorities.
Assign SSL Certificates to Trusted Root CA
- Open the start menu and type MMC into the Run dialog. (You should have/allow admin access to in order to launch the Windows Management Console)
- From the File menu, select Add/Remove Snap-in and select Certificates from the Available Snap-ins list.
- Click the Add button and select My User Account. Finally, add the Snap in to the list.
- Click the Add button again and select Computer Account. Choose the Local Computer option and add the Snap in to the list. Finally, click OK to close the dialog.
...
- Expand the node Certificates – Current User,Trusted Root Certification Authorities and then Certificates.
- Make sure both certificates exist in the list. Also, copy all certificates and put them in Certificates – Local Computer - Trusted Root Certification Authorities. This is required for IIS to validate and authenticate requests.
Configure Server Credentials
You should configure the CAS server credentials so they match the ExampleWebsite accounts, which are defined in App_Data\UserRoles.xml.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<bean class="org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler"> <property name="users"> <map> <entry> <key><value>admin</value></key> <value>admin</value> </entry> <entry> <key><value>bob</value></key> <value>bob</value> </entry> </map> </property> </bean> |
Run
First, make sure you have the CAS server up and running and you can log into CAS using the above credentials.
...